Role of the Information Regulator
The Information Regulator (“Regulator”), an independent body established under Section 39 of the Protection of Personal Information Act 4 of 2013 (“POPIA”), is empowered to request reports from private organisations regarding access to information requests received and handled.
The Regulator has recently mandated all private bodies to submit a PAIA Section 83(4) report, a legal requirement that cannot be overlooked, regardless of its seemingly invitational wording.
To facilitate compliance with this requirement, the Regulator launched an online portal for submission of annual reports. It is vital to note that the portal, active since May 1, 2023, will close for submissions on June 30, 2023. At the time of writing, there has been no proposed extension for this deadline. You can access the portal at https://registrations.inforegulator.org.za/landing.
Complying with the Reporting Requirement
Your report should include the total number of access to information requests received during the reporting period, broken down by category or type, if applicable. You are also expected to detail the total number of requests processed and the outcomes, including the number of requests granted, denied, or partially fulfilled.
You must also provide data on your compliance with the timeframes stipulated in PAIA, the percentage of requests responded to within the prescribed timeframes, and the average time taken to respond. Internal appeals lodged against access to informed decisions, including their outcomes and resolution times, should also be included in the report.
As part of meeting POPIA's requirements, your report should provide an overview of the measures you have implemented to safeguard personal data. This includes detailing the security safeguards and controls in place to prevent unauthorised access, loss, or disclosure of personal information.
Importance of Compliance
These reports play a critical role in enabling the Regulator to monitor compliance with PAIA and POPIA, and ensure private bodies meet their obligations regarding access to information for the public. We strongly advise that information officers diligently register their organisations with the Regulator and comply with the reporting requirements outlined under Section 83(4) of PAIA.
At Moore, we understand that legal compliance can be challenging amid multiple business operations. Our team of legal and compliance experts can assist you in making your PAIA Section 83(4) reporting process seamless. We offer guidance and support to ensure your report is comprehensive, accurate, and submitted before the 30 June 2023, deadline.
Our commitment to you is to continue monitoring the legislative landscape and keep you informed of any changes that could impact your business operations. We aim to help you remain compliant, enhancing good governance within your organisation.
Should you need further clarification on this issue, or any other compliance matters, please do not hesitate to get in touch with our team. We are dedicated to delivering comprehensive, personalised solutions that best meet your business needs.
For more information, please get in touch with your local Moore Firm.